I have a PF firewall, and on the network is a Windows machine that I connect to remotely with Remote Desktop.
I want to prioritize the RDP traffic so that it is not laggy when other people are using the link during the day.
The problem is, when I set up a rule to give the traffic high priority, it is not being matched because the connection is initiated from the outside. It appears that once the connection is in the state table, PF does not send it down the rule list, so the outgoing data (which is what I am trying to prioritize) is never checked.
I don't have any rules near the top which involve keeping state.
I initially tried tagging the packets with the rdr rule that handles the RDP connection, and I just now tried using a TCP proxy on the firewall instead of NAT, but again, the packets aren't matching because the connection is already in the state table.
Ideas on how I can do this?
My firewall setup as a whole is working effectively. I have MSN prioritized, but those connections start from within the network and then go out to the internet, so the tagging at the 'nat' line in the pf conf works. The problem with the RDP thing is that the connections originate from outside and come in.